cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
ISE 2.3 Patch 7 has been posted. This will be the last patch for the ISE 2.3 release!
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

90
Views
0
Helpful
3
Replies
Cisco Employee

ISE to AD integration

I know there are the key design constraints for inter-ISE node communication:

·        Starting in ISE 2.1: 300ms Max round-trip (RT) latency between any two ISE nodes

·        BW most critical between:

o   PSNs and PriPAN (DB Replication)

o   PSNs and MnT (Audit Logging)

·        Latency most critical between PSNs and Pri PAN.

Are there an similar recommendations for PSN to AD integrations i.e. BW, latency etc.?

Thanks Phil

3 REPLIES 3
Cisco Employee

Re: ISE to AD integration

We do not have such for AD. Instead, we recommend to make use of Microsoft Active Directory site so that PSNs query local DC and GC. Please take a look at CiscoLive BRKSEC-2132.

Highlighted
Cisco Employee

Re: ISE to AD integration

What would be our approach when customer moves their AD to the cloud? I guess that a latency guidance would be needed...

Cisco Employee

Re: ISE to AD integration

What would be our approach when customer moves their AD to the cloud? I guess that a latency guidance would be needed...

Everyone's tags (1)